Network-enabled applications are applications that use communication networks to share information between various devices, each of which might be operated by the same or a different user. Network-enabled applications include browser engines, messaging interfaces, e-mail tools, remote desktops, and the like, which allow users to easily browse, select, and manipulate the items being viewed. The network-enabled application receives one or more communications (such as code for instantiating webpages) from a service provider. These communications are often encoded in a language (such as the hypertext markup language, HTML) that describes the structure and functionality of the content received by the user.
The network resources upon which the network-enabled applications execute are often arranged in a private network that is treated as a trusted zone. The private network is typically addressed using Internet protocol (IP) addresses in accordance with an established Internet protocol, and the address of each network resource within the private network is typically provided to every other network resource in that private network. The trusted zone is typically shielded from the public Internet by a firewall, so devices within the trusted zone communicate across the public Internet by using network address translation, port address translation, and/or a proxy server.
However, malicious code that might be present in the network-enabled application (and/or in the computer upon which the network-enabled application is executing) can be used to induce unauthorized commands to be sent. In a cross-site request forgery exploit, for example, the trust that a website places in the user's network-enabled application is exploited. The cross-site request forgery exploit (often referred to as CSRF, XSRF, a one-click attack, the "confused-deputy problem," and/or session riding) operates by inducing the browser, by way of HTML or script, to (usually unknowingly) access a website that the user has already accessed (such as by being logged in, having an authentication cookie set, having an established session identifier, and the like).
The malicious function can be triggered when the user's browser renders a seemingly valid element (such as an image tag) that references a location that is normally inaccessible to the attacker. When the referenced location is visited by the user's browser, the browser executes the malicious function, which can transmit a request to perform an action on behalf of the user from the user's own machine. (The performed action can include malicious activity such as transferring funds from the user's bank account to an attacker's bank account.) Thus, attackers can exploit the trust that the requested site places in the user's machine, because the referring site has forced the user's machine to carry out the exploit.
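As an added example (not part of the original text), the following Python model shows why the exploit described above succeeds against a handler that authorizes purely on the session cookie, and how a hardened handler defeats it with three checks: a POST-only rule, an Origin header check, and a per-session synchronizer token. The site origin `https://bank.example`, the request dictionaries, and the in-memory session store are all constructed for illustration.

```python
import hmac
import secrets
from typing import Dict, Tuple

# Constructed in-memory session store: session id -> per-session CSRF token.
SESSIONS: Dict[str, str] = {}
ALLOWED_ORIGIN = "https://bank.example"  # assumed origin of the legitimate site


def new_session() -> str:
    """Create a logged-in session and bind an unguessable CSRF token to it."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = secrets.token_urlsafe(32)
    return sid


def csrf_token_for(sid: str) -> str:
    """Token the legitimate form embeds as a hidden field; a third-party page cannot read it."""
    return SESSIONS[sid]


def transfer_vulnerable(req: dict) -> str:
    """'Before' handler: the session cookie alone authorizes the state change, so any
    request the browser is induced to send (e.g. by rendering an <img> tag) succeeds."""
    sid = req.get("cookies", {}).get("session")
    if sid not in SESSIONS:
        return "denied: not logged in"
    return f"transferred to {req['params']['to']}"


def transfer_hardened(req: dict) -> str:
    """Hardened handler: requires POST, a same-site Origin header, and a submitted
    token that matches the one bound to the session (constant-time comparison)."""
    sid = req.get("cookies", {}).get("session")
    if sid not in SESSIONS:
        return "denied: not logged in"
    if req.get("method") != "POST":
        return "denied: state change must be POST"
    if req.get("headers", {}).get("Origin") != ALLOWED_ORIGIN:
        return "denied: cross-origin request"
    submitted = req.get("params", {}).get("csrf_token", "")
    if not hmac.compare_digest(submitted, SESSIONS[sid]):
        return "denied: missing or invalid CSRF token"
    return f"transferred to {req['params']['to']}"


def sample_requests(sid: str) -> Tuple[dict, dict]:
    """Constructed requests: the forged one is what a browser emits for an image tag on a
    third-party page (GET, cookie attached automatically, no token, no same-site Origin);
    the legitimate one comes from the site's own form."""
    forged = {"method": "GET", "cookies": {"session": sid}, "headers": {},
              "params": {"to": "attacker"}}
    legit = {"method": "POST", "cookies": {"session": sid},
             "headers": {"Origin": ALLOWED_ORIGIN},
             "params": {"to": "payee", "csrf_token": csrf_token_for(sid)}}
    return forged, legit
```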